screen-control-operator-v3

HIGH W007: Insecure credential handling detected in skill instructions.

• Insecure credential handling detected (high risk: 0.90). The skill explicitly records "type events (with values)" and saves/plays back skills (JSON files and CLI invocations), which can capture and later emit verbatim typed secrets (passwords/API keys) leading to exfiltration risk.

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.90). The skill actively navigates to and scrapes public websites (e.g., the record_cli start-url "https://vmatrix1.brevardclerk.us/beca/", the inspect --url CLI and operator.get_page_structure()) and then reads/interprets the page DOM/accessibility tree, so it ingests untrusted, third‑party web content as part of its workflow.